author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-01-29 22:26:28 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-01-29 22:26:28 +0100 |
commit | 63101c139ac078959e8d720d1db2205b9353057f (patch) | |
tree | e51259e71a56870900a3f0e5630edf06fa8b337d | |
parent | 34ae6cbfea87b76521e01439df095e6e04030f01 (diff) | |
download | gnutls-63101c139ac078959e8d720d1db2205b9353057f.tar.gz |
Added XSSL client examples.
-rw-r--r-- | doc/examples/Makefile.am | 5 | ||||
-rw-r--r-- | doc/examples/ex-client-xssl1.c | 85 | ||||
-rw-r--r-- | doc/examples/ex-client-xssl2.c | 98 |
3 files changed, 187 insertions, 1 deletions
diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am index 671ef31ab9..4fb5f47a1a 100644 --- a/doc/examples/Makefile.am +++ b/doc/examples/Makefile.am @@ -42,9 +42,12 @@ CXX_LDADD = ../../lib/libgnutlsxx.la \ noinst_PROGRAMS = ex-client-resume ex-client-dtls noinst_PROGRAMS += ex-cert-select ex-client-x509 -noinst_PROGRAMS += ex-serv-dtls +noinst_PROGRAMS += ex-serv-dtls ex-client-xssl1 ex-client-xssl2 noinst_PROGRAMS += print-ciphersuites +ex_client_xssl1_LDADD = $(LDADD) ../../lib/libgnutls-xssl.la +ex_client_xssl2_LDADD = $(LDADD) ../../lib/libgnutls-xssl.la + if ENABLE_CXX ex_cxx_SOURCES = ex-cxx.cpp ex_cxx_LDADD = $(CXX_LDADD) diff --git a/doc/examples/ex-client-xssl1.c b/doc/examples/ex-client-xssl1.c new file mode 100644 index 0000000000..de96c17782 --- /dev/null +++ b/doc/examples/ex-client-xssl1.c 
@@ -0,0 +1,85 @@
+/* This example code is placed in the public domain. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/xssl.h>
+#include "examples.h"
+
+/* A simple TLS client, with X.509 authentication. Certificate verification
+ * is explicit.
+ */
+
+extern int tcp_connect (void);
+extern void tcp_close (int sd);
+
+int main (void)
+{
+ int ret;
+ char *line = NULL;
+ size_t line_len;
+ xssl_cred_t cred;
+ xssl_t sb;
+ unsigned int status;
+ int fd;
+
+ gnutls_global_init ();
+
+ fd = tcp_connect ();
+
+ ret = xssl_cred_init(&cred, GNUTLS_VMETHOD_SYSTEM_CAS, NULL, 0);
+ if (ret < 0)
+ exit(1);
+
+ /* Initialize TLS session
+ */
+ ret = xssl_client_init(&sb, "www.example.com", NULL,
+ (gnutls_transport_ptr_t)fd,
+ NULL, cred, &status, 0);
+ if (ret < 0)
+ {
+ if (ret == GNUTLS_E_AUTH_ERROR)
+ {
+ gnutls_datum_t txt;
+
+ gnutls_certificate_verification_status_print(status, GNUTLS_CRT_X509,
+ &txt, 0);
+
+ fprintf(stderr, "Verification error (%x): %s\n", status, txt.data);
+ gnutls_free(txt.data);
+ }
+ exit(1);
+ }
+
+#define REQ "GET / HTTP/1.0\r\n"
+ ret = xssl_write(sb, REQ, sizeof(REQ)-1);
+ if (ret < 0)
+ exit(1);
+
+ do
+ {
+ ret = xssl_getline(sb, &line, &line_len);
+ if (ret < 0)
+ exit(1);
+
+ fprintf(stderr, "received: %s\n", line);
+ }
+ while (ret >= 0);
+
+ gnutls_free(line);
+
+ xssl_deinit(sb);
+
+ tcp_close (fd);
+
+ xssl_cred_deinit (cred);
+
+ gnutls_global_deinit ();
+}
+
+
diff --git a/doc/examples/ex-client-xssl2.c b/doc/examples/ex-client-xssl2.c
new file mode 100644
index 0000000000..47ddd2e94b
--- /dev/null
+++ b/doc/examples/ex-client-xssl2.c
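Review bot: In ex-client-xssl1.c the read loop in main can only be left through `exit(1)`, because the inner `if (ret < 0) exit(1);` fires before `while (ret >= 0)` can ever be false; `gnutls_free(line)`, `xssl_deinit(sb)`, `tcp_close (fd)` and the credential and global deinit calls after the loop are therefore unreachable, and a normal end of stream is reported as a failure. Changing the inner check to `if (ret < 0) break;` lets the teardown run; whether end of stream needs to be told apart from a real error depends on xssl_getline's return codes, which the hunk does not show. In the GNUTLS_E_AUTH_ERROR branch the result of gnutls_certificate_verification_status_print is not checked before `txt.data` is passed to `%s`, so initialising with `gnutls_datum_t txt = { NULL, 0 };` and printing only when that call returns success would keep an unset pointer out of fprintf. The same loop and error branch appear in ex-client-xssl2.c.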
@@ -0,0 +1,98 @@
+/* This example code is placed in the public domain. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/xssl.h>
+#include "examples.h"
+
+/* A simple TLS client, with X.509 authentication. Certificate verification
+ * with a fixed CA, and trust on first use.
+ */
+
+extern int tcp_connect (void);
+extern void tcp_close (int sd);
+
+int main (void)
+{
+ int ret;
+ char *line = NULL;
+ size_t line_len;
+ xssl_cred_t cred;
+ xssl_t sb;
+ gnutls_cinput_st aux[2];
+ unsigned aux_size = 0;
+ unsigned int status;
+ int fd;
+
+ gnutls_global_init ();
+
+ fd = tcp_connect ();
+
+ aux[aux_size].type = GNUTLS_CINPUT_TYPE_FILE;
+ aux[aux_size].contents = GNUTLS_CINPUT_CAS;
+ aux[aux_size].fmt = GNUTLS_X509_FMT_PEM;
+ aux[aux_size].i1.file = "/path/to/ca/file";
+ aux_size++;
+
+ /* This may be skipped to use the default DB file */
+ aux[aux_size].type = GNUTLS_CINPUT_TYPE_FILE;
+ aux[aux_size].contents = GNUTLS_CINPUT_TOFU_DB;
+ aux[aux_size].i1.file = "/path/to/trust/db/file";
+ aux_size++;
+
+ ret = xssl_cred_init(&cred, GNUTLS_VMETHOD_GIVEN_CAS|GNUTLS_VMETHOD_TOFU,
+ aux, aux_size);
+ if (ret < 0)
+ exit(1);
+
+ /* Initialize TLS session
+ */
+ ret = xssl_client_init(&sb, "www.example.com", NULL,
+ (gnutls_transport_ptr_t)fd,
+ NULL, cred, &status, 0);
+ if (ret < 0)
+ {
+ if (ret == GNUTLS_E_AUTH_ERROR)
+ {
+ gnutls_datum_t txt;
+
+ gnutls_certificate_verification_status_print(status, GNUTLS_CRT_X509,
+ &txt, 0);
+
+ fprintf(stderr, "Verification error (%x): %s\n", status, txt.data);
+ gnutls_free(txt.data);
+ }
+ exit(1);
+ }
+
+#define REQ "GET / HTTP/1.0\r\n"
+ ret = xssl_write(sb, REQ, sizeof(REQ)-1);
+ if (ret < 0)
+ exit(1);
+
+ do
+ {
+ ret = xssl_getline(sb, &line, &line_len);
+ if (ret < 0)
+ exit(1);
+
+ fprintf(stderr, "received: %s\n", line);
+ }
+ while (ret >= 0);
+
+ gnutls_free(line);
+
+ xssl_deinit(sb);
+
+ tcp_close (fd);
+
+ xssl_cred_deinit (cred);
+
+ gnutls_global_deinit ();
+} |
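Review bot: In ex-client-xssl2.c `gnutls_cinput_st aux[2];` is handed to xssl_cred_init without being zeroed, and the second entry (GNUTLS_CINPUT_TOFU_DB) never assigns `.fmt`, so any member the library reads beyond the ones set here holds an indeterminate value. Adding `memset(aux, 0, sizeof(aux));` before the first assignment removes that; `<string.h>` is already included. A one-line comment at the xssl_cred_init call stating how `GNUTLS_VMETHOD_GIVEN_CAS|GNUTLS_VMETHOD_TOFU` combine (both checks required, or either one sufficient) would help readers who copy this example, since the trust decision depends on it and the hunk does not say. The return values of gnutls_global_init() and tcp_connect() are unchecked here and in ex-client-xssl1.c, so a failed connect passes an invalid descriptor on to xssl_client_init.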